[PATCH PR45098] Disallow NULL pointer in pointer arithmetic

Zdenek Dvorak rakdver@kam.mff.cuni.cz
Mon Jun 20 12:41:00 GMT 2011


> > I don't think we should move this kind of undefinedness from C to
> > the GIMPLE semantics.  What do other languages allow that
> > we have to support (what did K&R C specify?).
> 
> I don't think there is a formal specification of K&R C, just the (somewhat
> informal) book.  On the topic of pointer arithmetic, the case of addition
> is not completely clear.  It does say that you can only subtract pointers
> to members of the same array, though.
> 
> On the topic of addition of an integer to a pointer, it says that "The construction
> p + n means the address of the n-th object beyond the one p currently points to. This is true
> regardless of the kind of object p points to; n is scaled according to the size of the objects p
> points to, which is determined by the declaration of p."

Anyway, I don't think that this should be a matter of lawyer scrutiny of the specifications;
rather, we should consider whether there is a situation where a user could reasonably expect
NULL + 0 to be valid.  In the example by Richard,

int __attribute__((noinline)) foo (void *p, int i)
{
  return p + i != NULL;
}

I think it would be hard to argue that this construction is natural.

Zdenek
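
An added example, not part of the original message or of the GCC patch: one way to write such a check so that its result does not depend on how NULL + i is treated, by testing the pointer and the offset before any arithmetic. The names span_at, offset_is_usable and sample are hypothetical, and reading `p + i != NULL` as "offset i is usable within p" is an assumption about intent.

```c
#include <stddef.h>

/* Added example, not code from the thread. span_at() and
   offset_is_usable() are hypothetical helper names. */

/* Constructed sample buffer so the example runs stand-alone. */
static const unsigned char sample[4] = { 1, 2, 3, 4 };

/* Return a pointer to byte `idx` of a `len`-byte object, or NULL.
   Both checks run before any arithmetic, so `base + idx` is only
   evaluated when `base` is non-NULL and the result stays in bounds. */
const unsigned char *span_at(const unsigned char *base, size_t len, size_t idx)
{
    if (base == NULL)
        return NULL;            /* never evaluates NULL + idx */
    if (idx >= len)
        return NULL;            /* never forms an out-of-range pointer */
    return base + idx;
}

/* One plausible intent behind `p + i != NULL` (an assumption), stated
   without pointer arithmetic on a possibly-NULL pointer:
   is offset `i` usable within the `len`-byte object at `p`? */
int offset_is_usable(const void *p, size_t len, int i)
{
    if (i < 0)
        return 0;               /* reject negative offsets as integers */
    return span_at(p, len, (size_t)i) != NULL;
}

int main(void)
{
    /* Exit status 0 when both the NULL case and a valid case behave. */
    return !(offset_is_usable(NULL, 0, 0) == 0 &&
             offset_is_usable(sample, sizeof sample, 2) == 1);
}
```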


